CEH

Denial of Service CEH EXAM TOPICS COVERED IN THIS CHAPTER: ✓ III. Security E. Network security P. Vulnerabilities Chapter 11 ...

This chapter will give you a firm understanding of what con- stitutes a denial-of-service (DoS) attack, the tools and methods us ...

Understanding DoS 261 Typical victims of DoS attacks range from government-owned resources to online ven- dors and others, and t ...

262 Chapter 11 ■ Denial of Service use their organization to sometimes enact extortion schemes or to set up other moneymak- ing ...

Understanding DoS 263 phone over and over again so they could not answer any other calls due to their being occu- pied. When a s ...

264 Chapter 11 ■ Denial of Service Fraggle A fraggle attack is a variation of a smurf attack that uses UDP echo requests instead ...

Understanding DoS 265 You’ll monitor your traffic via your Wireshark installation on your Windows 7 installa- tion. Your Window ...

266 Chapter 11 ■ Denial of Service Don’t let all the options overwhelm you. You’re interested in only a few for this exercise. ...

Understanding DoS 267 Buffer Overflow Buffer overflow is a DoS technique that takes advantage of a flaw in a program’s coding by ...

268 Chapter 11 ■ Denial of Service Stack The stack refers to the smaller pool of free storage: memory allocated to a program for ...

Understanding DoS 269 The key takeaway from this is to understand how the stack can be “overflowed” and thus create a DoS condit ...

270 Chapter 11 ■ Denial of Service ber that Figure 11.1 represents normal operation, where the program’s variables and stored da ...

Understanding DDoS 271 ■ The OS terminates the offending program due to the program operating outside its allotted memory space. ...

272 Chapter 11 ■ Denial of Service Handler Master / Attacker Zombies Handler Victim Handler FIGURE 11.3 DDoS attack setup A comm ...

DDoS Tools 273 Tools for Creating Botnets Various tools are used to create botnets, including the following: ■ Shark ■ Plugbot ■ ...

274 Chapter 11 ■ Denial of Service EXERCISE 11.2 Seeing LOIC in Action LOIC is one the easiest DDoS tools available, yet its sim ...

DDoS Tools 275 Now that you have the IP input and target selected, you can configure a few more details for your attack prefere ...

276 Chapter 11 ■ Denial of Service DoS Defensive Strategies Let’s look at some DoS defensive strategies: Disabling Unnecessary S ...

Summary 277 Degrading Services In this approach, services may be throttled down or shut down in the event of an attack automatic ...

278 Chapter 11 ■ Denial of Service condition. Additionally, you saw that a NOP sled can be used to pad the program stack, which ...